Adobe said on Wednesday some of its programs contain yet-to-be-fixed flaws that make computers vulnerable to attack.

Adobe posted a notice on its Web site that said it had unknowingly incorporated vulnerabilities into versions of Adobe Reader and Acrobat software that could allow malicious programs to get on to a PC without the user's knowledge.

Such malicious software can take control of a machine and steal confidential data, send out tens of thousands of spam e-mails, or infiltrate government computer systems.

Adobe said it believes the flaws only affect computers running Microsoft's Windows XP operating system and Internet Explorer 7 Web browser. Adobe said it was working to rectify the problem but the fix might not be available until the end of October.

Adobe has posted instructions on its Web site for working around the problem, www.adobe.com/support/security/. However, the instructions are mainly for administrators who run corporate networks, not consumers.

Adobe said PC users who are unable to program that database to fix it may need to wait until the software itself is fixed. The company said it would notify users on its Web site.